notkshitij/Betterfox
1
0
Fork 0
mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 15:40:48 +05:30
Code Issues Releases Wiki Activity

Updated Optional Hardening (markdown)

yokoffing
2026-05-27 23:53:27 -04:00
parent d0b41632f6
commit 62217a9fa5
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Optional-Hardening.md
+20
@@ -208,6 +208,7 @@ For Option 2, you can create exceptions to stay logged in to some sites between
* `☰` *→ Settings → Privacy & Security → Cookies and Site Data → Manage Exceptions* * `☰` *→ Settings → Privacy & Security → Cookies and Site Data → Manage Exceptions*
*** ***
### Service Workers ### Service Workers
Service workers cache a web page's content before it loads, which allows the content to load a few milliseconds faster on return visits. Service workers also let you receive [push notifications](https://support.mozilla.org/en-US/kb/push-notifications-firefox#w_how-do-i-stop-firefox-asking-me-to-allow-notifications) from sites even after you close the site, behavior which Betterfox [blocks](https://github.com/yokoffing/Betterfox/blob/392c62a03c0d63e323a9aae55bc9aff87454db16/Securefox.js#L1461-L1467) by default. Service workers cache a web page's content before it loads, which allows the content to load a few milliseconds faster on return visits. Service workers also let you receive [push notifications](https://support.mozilla.org/en-US/kb/push-notifications-firefox#w_how-do-i-stop-firefox-asking-me-to-allow-notifications) from sites even after you close the site, behavior which Betterfox [blocks](https://github.com/yokoffing/Betterfox/blob/392c62a03c0d63e323a9aae55bc9aff87454db16/Securefox.js#L1461-L1467) by default.
@@ -225,6 +226,25 @@ user_pref("dom.serviceWorkers.privateBrowsing.enabled", false);
``` ```
*** ***
### Service Workers
For web compatibility reasons, Firefox will dynamically grant unpartitioned access to third-party cookies for 30 days in certain scenarios which require user interaction. For example, if you click a **Login with SSO** button on a website, Firefox will grant the SSO provider storage access to the website you clicked that button on for 30 days.
#### Option 1
You can disable this functionality and partition all third-party cookies, but we do not recommend doing so as this can cause websites to break, especially if you use SSO functionality. To do so, you can go to `about:config`, search for the following preferences, and set them to `false`.
```javascript
// PREF: restrict dynamic storage access
user_pref("privacy.restrict3rdpartystorage.heuristic.navigation", false);
user_pref("privacy.restrict3rdpartystorage.heuristic.opened_window_after_interaction", false);
```
#### Option 2
You can go even further by disabling web compatibility functionality entirely, which will disable the two dynamic heuristics above, [SmartBlock](https://blog.mozilla.org/security/2021/07/13/smartblock-v2/), and manual anti-tracking exceptions made by Mozilla for some websites, but we do not recommend doing so because this will cause significant website breakage with little privacy gain compared to Mozillas dynamic approach. To do so, you can go to `about:config`, search for the following preference, and set it to `false`.
```javascript
// PREF: disable all web compat
user_pref("privacy.antitracking.enableWebcompat", false);
```
### JavaScript Optimization ### JavaScript Optimization